HITRUST Appoints Cybersecurity Veteran Tom Kellermann to Strengthen Third-Party Risk Management

HITRUST has appointed Tom Kellermann as Vice President of Cyber Risk, bringing over two decades of cybersecurity leadership experience from both public and private sectors. Kellermann will drive the company's industry engagement, thought leadership, and expansion into new markets with a specific focus on elevating third-party and supply chain security programs. This appointment comes at a critical time when third-party involvement is present in 30% of breaches today, according to Verizon's 2025 Data Breach Investigations Report (DBIR).

Kellermann will help accelerate the adoption of HITRUST's comprehensive portfolio of threat-adaptive information security and AI assessments, along with operational enablement tools that make effective and efficient Third Party Risk Management (TPRM) practical. These include electronic results distribution and exchange, concierge onboarding services, and the company's new integration with ServiceNow's TPRM platform — delivering the most reliable and measurable information risk management assurances available. A major focus of Kellermann's work will be guiding organizations on strengthening supply chain security and business resilience while driving cost reductions, risk mitigation, and program simplification.

Blake Sutherland, Executive Vice President of Market Engagement at HITRUST, stated that Kellermann's unique combination of government advisory experience and private sector cybersecurity leadership makes him an invaluable addition as the organization continues to help companies achieve unmatched cyber resilience. Kellermann's expertise will be instrumental in advancing HITRUST's mission to deliver quantifiable proof of risk reduction. Prior to joining HITRUST, Kellermann served as Chief Cybersecurity Officer for Carbon Black Inc. and Head of Cybersecurity Strategy for VMware, with previous executive positions at Contrast Security, Trend Micro, and Core Security, along with serving as Deputy CISO for the World Bank Treasury.

Kellermann's government service includes appointments to the Cyber Investigations Advisory Board for the United States Secret Service in 2020 and the Commission on Cyber Security for the 44th President of the United States in 2008. He has also contributed significantly to cybersecurity education and thought leadership, having taught cybercrime courses as an adjunct professor at American University's School of International Service and Kogod School of Business from 2007-2015. In 2017, he was appointed the Wilson Center's Global Fellow for Cyber Policy and co-authored the book "Electronic Safety and Soundness: Securing Finance in a New Age" in 2003.

This strategic appointment reinforces HITRUST's commitment to maintaining its position as the gold standard in cybersecurity assurance. As demonstrated in HITRUST's 2025 Trust Report, organizations with HITRUST certifications experience dramatically fewer breaches than those without, with certified organizations reporting an incident rate of just 0.59% in 2024. Kellermann's leadership in cyber risk management will be crucial in helping organizations enhance resilience and trust in digital ecosystems through measurable cybersecurity outcomes and proven risk reduction strategies.